This invention relates generally to programmable logic devices, and in particular to methods and apparatus for encrypting data used to configure programmable logic devices to protect that data from theft.
FIG. 1 depicts an example of a chip set 100 that includes some general-purpose read-only memory (ROM) 110 connected to a general-purpose FPGA 120. FPGA 120 conventionally includes an array 130 that can be configured to implement custom functional circuitry 140. Array 130 is typically an array of configurable logic blocks (CLBs) programmably interconnected to each other and to programmable input/output blocks (IOBs). For a more detailed discussion of FPGAs, see the co-pending U.S. Pat. No. 6,028,445 which issued on Feb. 22, 2000, xe2x80x9cecoder Structure and Method for FPGA Configuration,xe2x80x9d by Gary R. Lawman, which is incorporated herein by reference.
A vendor may use a chip set similar to chip set 100 to supply any number of different circuit designs while stocking only a single general-purpose FPGA and some general-purpose memory. The vendor supplies a customer with a custom version of chip set 100 by simply programming ROM 110 with the configuration data required to implement the customer""s desired function.
Configuration data are typically downloaded into an FPGA (or other type of programmable logic device) as a series of bits known as a configuration bitstream. Anyone having access to the configuration bitstream for a particular design can easily copy the design. In the foregoing example in which a vendor sells a custom circuit as a set of configuration data combined with a general-purpose FPGA, an unscrupulous customer could easily copy the configuration data and use it to program any number of additional FPGAs. A Design is may also be stolen by reverse engineering the design from the configuration bitstream and then adapting the design for another FPGA or even a different circuit technology. Naturally, developers of custom configuration data for use in programmable chip sets are concerned for the security of their designs.
Some customers develop their own circuit designs and implement them on FPGAs. Designing complex circuits from basic logic gates, or xe2x80x9cprimitive cells,xe2x80x9d can be very time consuming. More complex functions called macros, or xe2x80x9ccores,xe2x80x9d are therefore developed to represent more complex logic functions. These cores can then be used as building blocks for assembling yet more complex circuit designs.
A number of core developers design and market cores for FPGAs and other types of programmable logic devices (PLDs). Customers purchase these cores and use them to program PLDs to achieve desired functions. For example, a collection of cores for implementing standard bus interfaces and signal-processing functions is available from Xilinx, Inc., of San Jose, Cali., under the name LogiCORE(trademark). As with the configuration data in the example of FIG. 1, PLD cores and circuit designs that employ them are easily stolen. Core developers are therefore concerned for the security of their cores. There is therefore a need for a means of securing cores and other proprietary configuration data.
The present invention is directed to a method of configuring a programmable logic device using encrypted configuration data, and to a programmable logic device adapted to use such encrypted configuration data.
In one embodiment, a type of programmable logic device commonly known as a field-programmable gate array (FPGA) is adapted to include a decryptor and a non-volatile memory element programmed with a secret decryption key. Some or all of the decryptor can be instantiated in configurable logic on the FPGA. Once the decryptor is instantiated, encrypted configuration data representing some desired circuit function is presented to the decryptor. The decryptor then decrypts the configuration data, using the secret decryption key, and configures the FPGA with the decrypted configuration data.
For implementations in which the decryptor is instantiated in configuration memory of the FPGA, a clever thief might engineer an FPGA design that, when instantiated, simply reads the decryption key and presents the key on an output pin of the FPGA. To forestall such a security breach, an FPGA in accordance with a second embodiment of the invention includes authentication circuitry that performs a hash function on the configuration data used to instantiate the decryptor. The result of the hash function is compared to a proprietary hash key programmed into a second non-volatile memory element on the FPGA. Only those decryptors whose configuration data produce the desired hash result will have access to the decryption key.